Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
File:                     r39NEPAZQ0EHs7XcU6yakZjFxH0.mft (raw, json)
Hash identifier:          EwtwZy4Pj6uHUV/jezoJ6rSnOUZBnVPXCLuMhq4Z32s=
Subject key identifier:   9A:D4:90:2C:0D:62:04:2C:B7:D3:CD:5B:A7:55:F0:0A:18:96:36:71
Authority key identifier: AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D
Certificate issuer:       /CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
Certificate serial:       019D3909E6EE733862A8E0E9BB293C62DFC8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
Manifest number:          107E
Signing time:             Sun 29 Mar 2026 10:00:43 +0000
Manifest this update:     Sun 29 Mar 2026 10:00:43 +0000
Manifest next update:     Mon 30 Mar 2026 10:00:43 +0000
Files and hashes:         1: r39NEPAZQ0EHs7XcU6yakZjFxH0.crl (hash: 0Rdoz4fMmDmPaHRQk/KrBuUpZm1UsDvtcd9RXXTkdvE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Mar 2026 07:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:39:09:e6:ee:73:38:62:a8:e0:e9:bb:29:3c:62:df:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
        Validity
            Not Before: Mar 29 10:00:43 2026 GMT
            Not After : Mar 30 10:00:43 2026 GMT
        Subject: CN=9ad4902c0d62042cb7d3cd5ba755f00a18963671
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:75:7d:5c:f3:27:e1:4b:f5:69:4f:4c:cd:11:
                    52:9f:a9:04:bc:09:52:e3:52:2d:c2:87:0f:71:91:
                    eb:3c:1d:7f:7f:83:9e:18:b6:c4:1a:e5:e4:4c:05:
                    20:89:24:0c:9c:4c:03:f1:c3:86:df:82:ab:4d:ba:
                    52:18:62:46:39:19:46:05:e0:c6:ba:ee:25:4e:43:
                    f2:a5:1f:9c:be:ab:3e:df:1b:c7:84:bb:c5:95:1e:
                    07:a2:1a:58:ae:5f:1e:5d:16:e6:27:c4:d4:42:75:
                    72:09:ae:c4:ed:46:89:76:b6:c0:f5:09:c4:67:b4:
                    9c:bc:c8:4c:2e:a3:5d:fb:fa:e2:bf:eb:b2:96:32:
                    65:c2:47:0a:87:4b:c1:36:51:4a:be:0f:c0:7b:23:
                    d4:a0:dc:5c:d7:92:82:bb:f1:a5:e0:72:3c:e8:99:
                    71:ab:8c:01:2a:41:a3:68:f9:3b:50:3e:e0:0e:c9:
                    f7:f4:42:e0:59:ea:a0:e6:b3:52:bc:8d:e1:f9:4e:
                    bf:0c:3c:8f:e6:a8:3e:1c:7c:36:59:b4:b3:72:94:
                    e3:75:63:0a:7e:e6:5c:84:d1:4f:ab:fe:37:18:f6:
                    86:de:5c:fe:72:11:10:ed:c1:64:33:c0:d8:b3:ff:
                    84:80:9c:e9:8c:bc:48:07:64:de:a6:fb:4f:9c:82:
                    49:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:D4:90:2C:0D:62:04:2C:B7:D3:CD:5B:A7:55:F0:0A:18:96:36:71
            X509v3 Authority Key Identifier:
                keyid:AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:bb:4e:77:a8:7c:f0:3e:8a:f9:14:ae:37:3b:e2:c7:e0:9b:
         8d:e5:93:c9:45:cd:04:da:d0:26:ac:1b:b5:2a:28:0c:48:37:
         96:39:33:6f:70:4c:9f:4a:d3:cf:21:83:1e:0c:51:e6:1b:b3:
         b2:77:93:c9:ea:b8:5f:7d:9d:24:f6:b0:6c:ed:4d:28:80:73:
         fd:8f:c0:e1:c0:e9:e4:7b:53:25:2f:3a:c3:3f:16:08:62:63:
         c1:6b:15:83:9e:77:da:c8:18:15:51:a3:5b:da:6d:18:ed:be:
         8e:5e:3c:aa:79:2c:b9:f9:6c:72:9d:a8:b6:09:65:1b:02:97:
         99:b5:d9:fb:d6:e2:01:fe:53:5e:94:42:58:fd:48:9f:63:cc:
         7a:d2:b1:68:d3:92:0e:41:93:41:28:c8:23:f9:fc:85:e4:28:
         c2:01:aa:61:b8:4d:91:ba:20:74:f0:3f:b8:83:8f:a3:72:d8:
         81:60:8a:4f:4d:bb:ba:a0:4a:21:71:ae:73:06:d0:7f:f8:45:
         76:b0:48:9f:47:8e:f9:1a:5c:a5:f0:43:1e:78:65:38:69:0c:
         da:b0:a3:00:2c:34:ef:23:2f:63:9a:bd:4e:35:18:f7:64:7c:
         01:a6:9b:dc:e3:ba:1f:a4:b7:52:89:e7:0d:53:ce:6e:dd:a8:
         70:1e:58:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CebuczhiqODpuyk8Yt/IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmN2Y0ZDEwZjAxOTQzNDEwN2IzYjVkYzUzYWM5YTkxOThj
NWM0N2QwHhcNMjYwMzI5MTAwMDQzWhcNMjYwMzMwMTAwMDQzWjAzMTEwLwYDVQQD
Eyg5YWQ0OTAyYzBkNjIwNDJjYjdkM2NkNWJhNzU1ZjAwYTE4OTYzNjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43V9XPMn4Uv1aU9MzRFSn6kEvAlS
41ItwocPcZHrPB1/f4OeGLbEGuXkTAUgiSQMnEwD8cOG34KrTbpSGGJGORlGBeDG
uu4lTkPypR+cvqs+3xvHhLvFlR4HohpYrl8eXRbmJ8TUQnVyCa7E7UaJdrbA9QnE
Z7ScvMhMLqNd+/riv+uyljJlwkcKh0vBNlFKvg/AeyPUoNxc15KCu/Gl4HI86Jlx
q4wBKkGjaPk7UD7gDsn39ELgWeqg5rNSvI3h+U6/DDyP5qg+HHw2WbSzcpTjdWMK
fuZchNFPq/43GPaG3lz+chEQ7cFkM8DYs/+EgJzpjLxIB2TepvtPnIJJGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJrUkCwNYgQst9PNW6dV8AoYljZxMB8GA1UdIwQY
MBaAFK9/TRDwGUNBB7O13FOsmpGYxcR9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMt
NjE4ZDk1ZmUzOTAxLzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMtNjE4ZDk1ZmUzOTAx
LzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ7tOd6h8
8D6K+RSuNzvix+CbjeWTyUXNBNrQJqwbtSooDEg3ljkzb3BMn0rTzyGDHgxR5huz
sneTyeq4X32dJPawbO1NKIBz/Y/A4cDp5HtTJS86wz8WCGJjwWsVg5532sgYFVGj
W9ptGO2+jl48qnksuflscp2otgllGwKXmbXZ+9biAf5TXpRCWP1In2PMetKxaNOS
DkGTQSjII/n8heQowgGqYbhNkbogdPA/uIOPo3LYgWCKT027uqBKIXGucwbQf/hF
drBIn0eO+RpcpfBDHnhlOGkM2rCjACw07yMvY5q9TjUY92R8Aaab3OO6H6S3Uonn
DVPObt2ocB5YBQ==
-----END CERTIFICATE-----